Certified Information Security Manager

Achieving Certified Information Security Manager (CISM) certification validates that you have expertise and knowledge of the relationship between an information security program and the broader business goals and objectives. It also confirms that you have experience developing and managing an information security program.

Prerequisites

To apply for CISM certification, you must have five or more years of work experience in information security management, with at least three years of that experience in three or more of the job practice analysis areas - or domains - listed below. At the discretion of ISACA, you may use some security-related certifications and information systems management experience to satisfy up to two years of the required five years of experience.

Required Exams

About the CISM Exam

You will have four hours to answer 200 questions based on the four domains: